[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: SELinux newbie
- From: Stephen Smalley <sds tycho nsa gov>
- To: Sietjp <sietjp free fr>
- Cc: fedora-selinux-list redhat com
- Subject: Re: SELinux newbie
- Date: Tue, 15 Jan 2008 08:48:15 -0500
On Tue, 2008-01-15 at 14:34 +0100, Sietjp wrote:
>
> Hi all,
> Sorry for this newbie post.
> I'm running fedora 8 and lamp.
> All is wroking fine except of emails. Apache is not able to send emails via
> sendmail.
>
> I tried setenforce 0, and then all is working fine.
>
> But as I'm not a lazy guy, I would like to keep SELInux active and understand
> what is giong wrong.
>
> Please help :)
> I don't ask for the solution but maybe a starting point or a link, thx :)
If you install setroubleshoot (yum install setroubleshoot), it can
detect and report SELinux denials to you in a more friendly manner,
either via desktop alert or via email if it is a server.
Or you can look at the audit logs (/sbin/ausearch -i -m AVC) or system
logs (grep avc /var/log/messages) to see what denials are being
generated, and report those to this list.
audit2allow can help you work around denials, but you should post the
denials to get guidance on the proper fix. setroubleshoot can sometimes
help as well with pointing you in the right direction.
Stephen Smalley
National Security Agency
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]